Ameaca Ativa • ALTO
204.48.25.130
Pais de Origem🇺🇸 Estados Unidos
Primeira Deteccao27/03/2026
Ultima Atividade03/04/2026
ISPDigitalOcean, LLC
🎯
235
Ataques Totais
🔌
5
Portas
📡
3
Tipos de Ataque
🦠
1
Malware
Geolocalizacao
- Pais
- 🇺🇸 Estados Unidos
- Cidade
- North Bergen
- ASN
- AS14061
- ISP
- DigitalOcean, LLC
Tipos de Ataque
ssh_telnet_honeypot
ics_scada_honeypot
tcp_trap
Portas Atacadas
2313882404767631337
Malware Associado
Credenciais Tentadas
🔐<to>http://192.168.10.100/msmq/private$/queuejumper</to>/<id>uuid:1@00000000-0000-0000-0000-000000000000</id>
1x🔐Content-Type: application/octet-stream/Content-Length: 7
1x🔐Call-ID: 50000/CSeq: 42 OPTIONS
1x🔐Content-Id: body@ff3af301-3196-497a-a918-72147c871a13/(vazio)
1x🔐Max-Forwards: 70/Content-Length: 0
1x🔐 <properties se:mustUnderstand="1">/<expiresAt>20600609T164419</expiresAt>
1x🔐 <action>MSMQ:poc</action>/<to>http://192.168.10.100/msmq/private$/queuejumper</to>
1x🔐Content-Type: text/xml; charset=UTF-8/Content-Length: 606
1x🔐Contact: <sip:nm@nm>/Accept: application/sdp
1x🔐b'\x10\x00\x03\x00LIORL\t\x00\x00\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00c\xaa\xbed\x01\x00\x00\x00\x01\x1c \x02`\x00h\x00t\x00t\x00p\x00:\x00/\/xmlns="http://schemas.xmlsoap.org/srmp/">
1x🔐<path xmlns="http://schemas.xmlsoap.org/rp/" se:mustUnderstand="1">/<action>MSMQ:poc</action>
1x🔐Content-Type: multipart/related; boundary="MSMQ - SOAP boundary, 53287"; type=text/xml/Host: 192.168.10.100
1x🔐GET /nice%20ports%2C/Tri%6Eity.txt%2ebak HTTP/1.0/(vazio)
1x🔐b'0\x84\x00\x00\x00-\x02\x01\x07c\x84\x00\x00\x00$\x04\x00'/
1x🔐From: <sip:nm@nm>;tag=root/To: <sip:nm2@nm2>
1xExposicao Shodan InternetDBShodan
Dados InternetDB, nao em tempo real
Portas
22
Hostnames
prod-barium-nyc1-26.do.binaryedge.ninja
CPEs
cpe:/o:canonical:ubuntu_linuxcpe:/a:openbsd:openssh:8.9p1
Avaliacao de Risco
70
/100
BaixoMedioAltoCritico